Cybercrime & Digital Threats

Recent spam campaigns leading to URSA/Mispadu has been uncovered. This attack targets systems with Spanish and Portuguese as system languages.

The provision of services, as well as the way criminals operate in the underground, have gone through many changes over the years to cater to the market’s different infrastructure demands.

Hackers spread messages supposedly sent from Instagram Help Center claiming that the user's account is at risk of being deleted.

Darkside ransomware surfaced, operators behind Crysis/Dharma released a hacking toolkit, a targeted email campaign was used to propagate Negasteal, and a coinminer was seen bundled with legitimate applications.

We found some fake Facebook accounts stolen from influential accounts to sell, change the details, and/or reused for phishing.

We found online dating website scam campaigns primarily targeting Japanese customers for their personal and financial information.

Underground platforms are part of a mature ecosystem for trading cybercrime goods and services. How does a capable hosting infrastructure allow illicit activities to thrive?

A Russian group dubbed as Cosmic Lynx initiated more than 200 BEC campaigns targeting hundreds of multinational companies.

In this report, we discussed new ransomware family Avaddon, updates on techniques of other ransomware, and our latest figures.